Setting up OAuth 2.0 for a RESTlet Integration


OAuth 2.0 is the preferred authentication method. You should consider using OAuth 2.0 instead of token-based authentication (TBA) whenever possible.

NetSuite supports OAuth 2.0, a robust authorization framework. This framework enables client applications to use a token to access NetSuite through REST web services and RESTlets. The application accesses the protected resources on behalf of a user who gave explicit permission for the access. This method eliminates the need for RESTlets or REST web services integrations to store user credentials. OAuth 2.0 can be used as an alternative to token-based authentication. It is more straightforward to implement, because request signing is not required.
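To show what "request signing is not required" means for a client, the following added example (not NetSuite's code) builds both kinds of `Authorization` header for the same request. It assumes TBA uses an OAuth 1.0-style signature base string (RFC 5849) with HMAC-SHA256; the URL, realm, keys and tokens are constructed placeholders, and the function names are hypothetical.

```python
import base64, hashlib, hmac
from urllib.parse import parse_qsl, quote, urlsplit

def pct(value):
    # RFC 3986 percent-encoding, as RFC 5849 requires for the base string.
    return quote(str(value), safe="-._~")

def tba_header(method, url, realm, consumer, token, nonce, timestamp):
    """Signed header: must be recomputed for every method/URL/nonce/timestamp."""
    (consumer_key, consumer_secret), (token_id, token_secret) = consumer, token
    oauth = {
        "oauth_consumer_key": consumer_key,
        "oauth_token": token_id,
        "oauth_signature_method": "HMAC-SHA256",  # assumed signature method
        "oauth_timestamp": timestamp,
        "oauth_nonce": nonce,
        "oauth_version": "1.0",
    }
    parts = urlsplit(url)
    # Query parameters and oauth_* parameters are both covered by the signature.
    params = parse_qsl(parts.query, keep_blank_values=True) + list(oauth.items())
    normalized = "&".join(
        f"{k}={v}" for k, v in sorted((pct(k), pct(v)) for k, v in params))
    base_url = f"{parts.scheme}://{parts.netloc}{parts.path}"
    base_string = "&".join([method.upper(), pct(base_url), pct(normalized)])
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    digest = hmac.new(key, base_string.encode(), hashlib.sha256).digest()
    oauth["oauth_signature"] = base64.b64encode(digest).decode()
    fields = ", ".join(f'{k}="{pct(v)}"' for k, v in oauth.items())
    return f'OAuth realm="{realm}", {fields}'

def oauth2_header(access_token):
    """Bearer header (RFC 6750): the same string for every request."""
    return f"Bearer {access_token}"

# Constructed placeholders, not real NetSuite values.
URL = "https://account.example.invalid/restlet?script=1&deploy=1"
CONSUMER = ("ck-placeholder", "cs-placeholder")
TOKEN = ("tk-placeholder", "ts-placeholder")

if __name__ == "__main__":
    print(tba_header("GET", URL, "ACCT_PLACEHOLDER", CONSUMER, TOKEN,
                     "nonce-1", "1700000000"))
    print(oauth2_header("access-token-placeholder"))
```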


Web Services Only roles are only for access to NetSuite through web services. Roles with the Web Services Only restriction will not work with RESTlets.

For more information, see Getting Started with OAuth 2.0.

OAuth 2.0 allows integrations to comply with any authentication method that is deployed in a NetSuite account for UI login, such as SAML Single Sign-on, OpenID Connect (OIDC) Single Sign-on, or two-factor authentication. To enable the OAuth 2.0 feature, see Enable the OAuth 2.0 Feature.

OAuth 2.0 introduces two new permissions. For more information, see Set Up OAuth 2.0 Roles.

Administrators and users with the OAuth 2.0 Authorized Applications Management permission can manage all authorized applications in the account. For more information, see Managing OAuth 2.0 Authorized Applications.

You can choose what flow to set up for the OAuth 2.0 feature in your account. For more information, see OAuth 2.0 for Integration Application Developers.

Related Topics

RESTlet Authentication
Authentication for RESTlets
Using OAuth 2.0 for RESTlet Authentication
Using TBA for RESTlet Authentication (OAuth)
